{"id":"MGASA-2024-0321","summary":"Updated chromium-browser-stable packages fix security vulnerabilities","details":"Use after free in Downloads. (CVE-2024-6988)\nUse after free in Loader. (CVE-2024-6989)\nUse after free in Dawn. (CVE-2024-6991)\nHeap buffer overflow in Layout. (CVE-2024-6994)\nInappropriate implementation in Fullscreen. (CVE-2024-6995)\nRace in Frames. (CVE-2024-6996)\nUse after free in Tabs. (CVE-2024-6997)\nUse after free in User Education. (CVE-2024-6998)\nInappropriate implementation in FedCM. (CVE-2024-6999)\nUse after free in CSS. (CVE-2024-7000)\nInappropriate implementation in HTML. (CVE-2024-7001)\nInappropriate implementation in FedCM. (CVE-2024-7003)\nInsufficient validation of untrusted input in Safe Browsing.\n(CVE-2024-7004)\nInsufficient validation of untrusted input in Safe Browsing.\n(CVE-2024-7005)\nUninitialized Use in Dawn. (CVE-2024-6990)\nOut of bounds read in WebTransport. (CVE-2024-7255)\nInsufficient data validation in Dawn. (CVE-2024-7256)\nOut of bounds memory access in ANGLE. (CVE-2024-7532)\nUse after free in Sharing. (CVE-2024-7533)\nType Confusion in V8. (CVE-2024-7550)\nHeap buffer overflow in Layout. (CVE-2024-7534)\nInappropriate implementation in V8. (CVE-2024-7535)\nUse after free in WebAudio. (CVE-2024-7536)\nUse after free in Passwords. (CVE-2024-7964)\nInappropriate implementation in V8. (CVE-2024-7965)\nOut of bounds memory access in Skia. (CVE-2024-7966)\nHeap buffer overflow in Fonts. (CVE-2024-7967)\nUse after free in Autofill. (CVE-2024-7968)\nType confusion in V8. (CVE-2024-7971)\nInappropriate implementation in V8. (CVE-2024-7972)\nHeap buffer overflow in PDFium. (CVE-2024-7973)\nInsufficient data validation in V8 API. (CVE-2024-7974)\nInappropriate implementation in Permissions. (CVE-2024-7975)\nInappropriate implementation in FedCM. (CVE-2024-7976)\nInsufficient data validation in Installer. (CVE-2024-7977)\nInsufficient policy enforcement in Data Transfer. (CVE-2024-7978)\nInsufficient data validation in Installer. (CVE-2024-7979)\nInsufficient data validation in Installer. (CVE-2024-7980)\nInappropriate implementation in Views. (CVE-2024-7981)\nType Confusion in V8. (CVE-2024-7969)\nHeap buffer overflow in Skia. (CVE-2024-8193)\nType Confusion in V8. (CVE-2024-8194)\nHeap buffer overflow in Skia. (CVE-2024-8198)\nUse after free in WebAudio. (CVE-2024-8362)\nOut of bounds write in V8. (CVE-2024-7970)\nHeap buffer overflow in Skia. (CVE-2024-8636)\nUse after free in Media Router. (CVE-2024-8637)\nType Confusion in V8. (CVE-2024-8638)\nUse after free in Autofill. (CVE-2024-8639)\nType Confusion in V8. (CVE-2024-8904)\nInappropriate implementation in V8. (CVE-2024-8905)\nIncorrect security UI in Downloads. (CVE-2024-8906)\nInsufficient data validation in Omnibox. (CVE-2024-8907)\nInappropriate implementation in Autofill. (CVE-2024-8908)\nInappropriate implementation in UI. (CVE-2024-8909)\nInappropriate implementation in V8. (CVE-2024-9121)\nType Confusion in V8. (CVE-2024-9122)\nInteger overflow in Skia. (CVE-2024-9123)\n","modified":"2026-03-25T17:59:27.068797Z","published":"2024-10-04T05:27:04Z","related":["CVE-2024-6988","CVE-2024-6989","CVE-2024-6990","CVE-2024-6991","CVE-2024-6994","CVE-2024-6995","CVE-2024-6996","CVE-2024-6997","CVE-2024-6998","CVE-2024-6999","CVE-2024-7000","CVE-2024-7001","CVE-2024-7003","CVE-2024-7004","CVE-2024-7005","CVE-2024-7255","CVE-2024-7256","CVE-2024-7532","CVE-2024-7533","CVE-2024-7534","CVE-2024-7535","CVE-2024-7536","CVE-2024-7550","CVE-2024-7964","CVE-2024-7965","CVE-2024-7966","CVE-2024-7967","CVE-2024-7968","CVE-2024-7969","CVE-2024-7970","CVE-2024-7971","CVE-2024-7972","CVE-2024-7973","CVE-2024-7974","CVE-2024-7975","CVE-2024-7976","CVE-2024-7977","CVE-2024-7978","CVE-2024-7979","CVE-2024-7980","CVE-2024-7981","CVE-2024-7982","CVE-2024-7983","CVE-2024-7984","CVE-2024-7985","CVE-2024-8193","CVE-2024-8194","CVE-2024-8198","CVE-2024-8362","CVE-2024-8636","CVE-2024-8637","CVE-2024-8638","CVE-2024-8639","CVE-2024-8904","CVE-2024-8905","CVE-2024-8906","CVE-2024-8907","CVE-2024-8908","CVE-2024-8909","CVE-2024-9121","CVE-2024-9122","CVE-2024-9123"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0321.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33443"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_13.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"128.0.6613.137-1.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0321.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}